CVE-2018-11764

Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured.
Configurations

Configuration 1

cpe:2.3:a:apache:hadoop:3.0.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:-:*:*:*:*:*:*

Information

Published : 2020-10-21 07:15

Updated : 2022-06-03 06:57


NVD link : CVE-2018-11764

Mitre link : CVE-2018-11764

Products Affected
No products.
CWE